Everyone knows your location: tracking myself down through in-app ads

There are quite a few interesting tracking flows out there.

My rent is paid through a company called Bilt.

I discovered that when I shop at Walgreens now, Bilt sends me an email containing the full receipt of what I bought like so:

    > Hey [inahga],
    >
    > You shopped at Walgreens on 12/1/24 and earned Bilt Points with your
    > Neighborhood Pharmacy benefit.
    >
    > Items eligible for rewards
    > TOSTITOS HINT OF LIME RSTC 11OZ
    > $3.50
    > 
    > +3 pts
    > TOSTITOS RSTC 12OZ
    > $3.50
    >
    > +3 pts
    > Other items*
    > EXCLUDED ITEMS
    > $0.07
    >
    > *May include rewards-ineligible items and/or prescriptions.

Ostensibly (hopefully) it would exclude sensitive items, plan B, condoms, etc...

I'm curious how this data flows from Walgreens to my rent company, but maybe I'd rather not know and just use cash/certified check from now on.

Things like that are on my mind when HN rants about GDPR. Something like this would be wildly illegal where I live.

HN rants about it because it’s not a good solution. It identified a problem but caused an idiotic fallout (cookie banners) and failed to actually put in a framework to enforce that companies aren’t just lying.